segunda-feira, 18 de julho de 2011

Web Interface 5.2 on Windows Server 2008 – configuring NLB Clustering

  1. Install Windows Server 2008 on two servers (or more – up to 32) and give them unique IP addresses on the same subnet. If you can, give them a second NIC and give it another IP, also on the same subnet.  If you don’t, you will have to use Multicast mode later, which might cause problems for your network. Enter a gateway for both network connections and check that they are both accessible on the network.  Yes, I know it will whinge.  For one of these connections go into its advanced networking settings and uncheck the checkbox for “Register this connection’s address in DNS”.  This is the network connection you should use to be a member of the cluster.
  2. Install the same version of the Web Interface 5.2 on both servers, configuring them with the same settings.  Web Interface no longer supports centralised configuration so be sure that the configurations are identical.  Comparing the resulting config.xml files in the sites you create is a good idea, they should be the same.
  3. Test both servers are able to function correctly.
  4. imageOn each server, open Server Manager and select Features.  Click Add Features and select Network Load Balancing, Next and Install.
  5. On either server, click Start, Administrative Tools, Network Load Balancing Manager
  6. Click Cluster > New.  Enter the name of the server you are on and click Connect.  You should see the Interface name and IP appear below.
  7. Click Next and you should see something like the screen below.  Assuming you are happy with the IP it has chosen (this will not be the IP of the cluster but the IP this host uses to participate in the cluster), click Next
    image
  8. Enter a new IP for the Cluster to be known as.
  9. Enter a name for the Cluster (you can create a more friendly DNS alias for the cluster later).
  10. Choose the operational mode. If you use Unicast Mode (where the original MAC address of the servers’ NICs are replaced by that of the cluster) and you only have one NIC per server, the servers will not be able to see each other which might be a serious problem as they need to communicate to load balance effectively.  If you use multicast mode (where each servers’ NIC keeps its MAC address and gets a second new shared one for the cluster) you will probably have to make some network infrastructure changes to get other machines to see the cluster. So basically, get a second NIC in each server and choose Unicast.
    image
  11. Click Next and Finish to accept the rules.
  12. Check your sites are available on the cluster IP address.
  13. On the second server, open Network Load Balancing Manager.  Click Cluster > Connect to existing and enter the name of the first server (or the server name or IP)
  14. Right click the cluster name and click Add Host To Cluster.  Add the second server and choose the network connection that is not set to register in DNS (assuming you had two).  Agree to everything else and the second server should then appear in the list and move quickly to “converging” status.  After a minute, refresh the list and it should go to Converged. 
  15. The cluster should function correctly now without further changes, but I would also add some text to the web interface sites on both servers so you can tell where the content is coming from.  This will make troubleshooting easier later on.  Open the Citrix Web Interface Management tool on each server and right click each of the Web Sites.  Select Web Site Appearance.  Click Content, Add, choose your language code, click Next.  Select Footer Text, Next and enter the server name in the text box.  Click Finish, OK and OK.

Fonte: http://zenapp.blogspot.com/2010/03/web-interface-52-on-windows-server-2008.html

Installing XenApp 6 – Part 4 – Web Interface

This section is about installing the web interface to support Web Interface and Agent clients. Note Program Neighborhood will not work with XenApp 6!

  • Install a Windows 2008 R2 Server with .NET Framework 3.5 sp1
  • Launch Server Manager and add the IIS role. Add the Windows Authentication element and the contents of Application Development. Also add the IIS6 Management Compatibility section further down.

image

  • Install the Microsoft Visual J# 2.0 redistributable. This can be found on the XenApp 6 DVD at \support\JSharp20_SE\vjredist_64.msi
  • Also from the XenApp 6 DVD, run \Web Interface\WebInterface.exe
  • Choose your language, click Next and agree to the EULA.
  • You will be prompted for a folder where the clients can be copied from so they can be made available on the server. You may not want to do this, but if you do you can use the folder Citrix Receiver and Plug-ins on the server. These will take a while to copy as they contain lots of languages, so you might want to clear out languages you don’t want first.
  • Click next at the end of the install to start creating the sites.

image

  • You can now create XenApp Web Sites (for Web Interface users) and XenApp Services Sites (for users of the Agent).

Creating a simple Web Interface website.

  • Specify the IIS Settings – you probably want to tick the checkbox for “Set as the default page for the IIS site”, assuming this will actually be the default page. This will mean users will be able to just type the name of the server (or an alias you create in DNS) into their browser and see the login page of this website.

image

  • For this simple guide I’ll assume this is just an internal server that is going to host a simple website to allow Citrix access. In this case, select “At Web Interface” for the point of authorisation.

image

  • After install, click next to configure the site.

image

  • Enter your farm name and a list of servers from the farm. These servers should all remain up from this point on to avoid errors for users logging on. Try to add at least two servers if you have them. Click Next when done.

image

  • A very important choice is how users will log on to the farm. Its unlikely you want to use Anonymous and if you don’t use Smart Cards, the third and forth options will not apply to you either. The first two are the most usual – Explicit and Pass-through. Explicit will prompt users for a username and password (and, optionally, a domain) before giving them their application shortcuts. Pass-through will use the logged on Windows username and password to automatically authenticate. This option is not applicable for every organisation as it may be considered a security problem (and obviously requires everyone to login using their own domain account on a domain PC, which might not be the case). Pass-through is also quite complicated to get working and requires considerable testing. When it works though, it is quite cool. For simplicity, I’ve left it as just Explicit. If you select more than one method you’ll need to decide later which is the default.

image

  • On the next screen you can restrict the domains allowed or allow any domain. Probably best to tie this down to a single domain if you can for security.

image

  • Choose the layout – full or minimal. Not a huge difference between them, especially if you are not going to put out messages on the site.

image

  • Choose whether this site will serve Online, Offline or dual-mode applications. Online applications are normal apps when the server and client are on the network. Offline apps are specially prepared streamed applications created with the Profiler application. They are downloaded to the client and can be executed when the network access is not available (at least for a time). You need a platinum farm or individually purchased license for this functionality, so if you don’t have them, choose Online. If you do have a Platinum farm, consider whether you want to support such apps and are intending to actually create them. Click next and finish to complete the website setup.

image

  • Open your browser and type in the name of the server, and you should see your new website

image

  • After logon you should see any applications that you have defined for your farm for this username.

image

  • Note you can now right click the website in the Citrix Web Interface Management tool and further configure it. This might include adding extra Server Farms (the web interface will seamlessly merge all the shortcuts for the different farms you specify), changing authentication methods, altering timeouts, etc.

image

Creating a simple XenApp Services site.

  • Specify the IIS Settings again – this time there is no option to make it a default.

image

  • After install, click next to configure the site.

image

  • Enter your farm name and a list of servers from the farm. These servers should all remain up from this point on to avoid errors for users logging on. Try to add at least two servers if you have them. Click Next when done.

image

  • Again, choose whether to support offline (streamed applications downloaded to the client – platinum customers only) applications. Click Next and finish.

image

  • You can now right click the website in the Citrix Web Interface Management tool and further configure it. This might include adding extra Server Farms (the web interface will seamlessly merge all the shortcuts for the different farms you specify), changing authentication methods, altering timeouts, etc. Checking that Authentication methods is set as you would like is especially important. Note if you want to enable Content Redirection (the ability to set local file associations on PCs to point to Citrix Applications), its here – in Server Farms > Advanced. This is a feature of Web Services sites only, not Web Interface clients.

image

As a final step in this configuration, you might want to consider installing more than one web interface server and joining them into a NLB cluster. This works very well with Citrix Web Interface and provides a good way of being able to make changes without removing service – i.e. you can remove a server from a cluster, update it, add it back in and then repeat with the other cluster members.

Fonte: http://zenapp.blogspot.com/2010/04/installing-xenapp-6-part-4-web.html

Installing XenApp 6 – Part 3 – Citrix Licensing v11.6.1 build 10007

This section is about installing your licensing server and configuring your farm to use it.

  • Install another Windows 2008 Server R2 machine.  Personally I would have this be my Terminal Services licensing server as well (you WILL need an R2 server for that – a 2008 R1 server will not give you the right CALs for a XenApp 6 farm) but that’s not covered here.  Just install the Remote Desktop Services Licensing components, activate the server and add your CALs.
  • For Citrix Licensing, run this MSI from the main XenApp 6 DVD:
    \licensing\CTX_licensing.msi
    The version that ships with XenApp 6 is 11.6.1 build 10007
  • Agree to the UAC prompts and generally click Next until its installed.  There aren’t any options and it doesn’t need a reboot.
  • After installation the configuration tool will launch.  Change the licensing port if you feel the need (there’s nothing wrong with the defaults) and give it a really good password.  Don’t lose it though.

image

  • You can now launch the Licensing web interface from the Start Menu (or from another machine on the URLhttp://servername:8082/).  If you launch it from the server, turn off IE ESC from the server manager and try to get the localhost site into the Local Intranet security zone). 
  • In the exciting new licensing interface you should see there are now 4000 Start-up licenses – this is because Citrix don’t bother charging you by Citrix server anymore, just by concurrent user.  Therefore each installed license server can support 4000 citrix servers.

image

image

  • Click Vendor Daemon Configuration to get to the import licenses button.
  • Click Import licenses and browse to the new *.lic files.

image

  • This is the tricky part.  At this point it will probably tell you that the server name in the license file does not match the name of the license server.  If you are sure you got this right, you can probably ignore this.  Check the contents of c:\Program Files (x86)\Citrix\Licensing\MyFiles on the license server and see if the license file is there now.  If it is, restart the Windows service CitrixLicensing and then go back to the Dashboard.  You should now see your licenses.

image

  • Now you just need to enter your license server name, port and server type (Enterprise, Advanced, Platinum) in the Policies node of the XenApp Management tools (the DSC).  Its easiest to just edit the Unfiltered policy.  To start this, open the DSC, click Policies and the Computer tab.

image

  • With the Unfiltered policy selected, click Edit.
  • Select Licensing on the left and click the edit buttons by the server name and port

image

  • Then click Server Settings and “Add”, next to the XenApp product edition.  Select the edition you have licenses for and click Save.
  • Open a command prompt and run gpupdate.  If you have entered the wrong details you should get an error of “the licenses required by this edition of Citrix XenApp are not present on the license server”.  Correct the settings if you get this and run gpupdate again.  “gpupdate /force” is more effective as it will rebuild all policies rather than just looking for differences.  Reboot the server for the new Computer policies to take effect.

image

  • After the reboot, do a “query farm /load” again in CMD.  If the server still has a value of 20000 it is still not configured right.  Check that RDP is enabled in Start > right click Computer, click Remote Settings.  Check it is set to “Allow connections from computers running any version of Remote Desktop”.

image

  • If you had this problem, correct it and reboot again.  Do a “query farm /load” again in CMD and hopefully the load has gone down from 20000 (error) or 10000 (full load).  It should be more like 100.  If you still have a problem, best check your Event Viewer to see whether there is anything useful there.

Fonte: http://zenapp.blogspot.com/2010/04/installing-xenapp-6-part-3-citrix.html

Installing XenApp 6 – Part 2 – Establishing the farm

After your server has completed installation Click the Configure button in the Role Manager to start establishing the farm.  Start the Role Manager from the Start Menu if its not running.

image

You might find you have to minimise this screen to see the Join/Create farm screen!  Click Create

image

Name your farm and add a good account as an administrator

image

Enter license server details if you have them – otherwise select the option to enter them later.  If you don’t enter them here though, you will have specify them using Group Policy or by removing your server from the farm and going through this process again.  I would really consider getting a license server set up with some real licenses on it before doing this step.  If not, I’d enter the details you’re going to use for the license server.  Click Next when done.

On the database screen, you can select the “existing database” option if you have pre-created a database on a SQL Server.  Otherwise, New Database will go on to create a local SQL Express database.  This is only much use for small farms and test installations.  Enter credentials as requested.

image

Decide on a shadowing policy – generally a business decision, on a test farm of course you probably just want to allow shadowing, in a live farm you probably want to at least “force a shadow acceptance popup” so users cannot be monitored without their permission.

image

If you selected the EdgeSight agent, enter your information for it now.  Decide on a company name (that’s how EdgeSight organises its servers into groups – personally each farm is a separate company for me).  If you’ve not installed EdgeSight yet, enter the server name you will use.

The advanced settings screen can be skipped but is worth a quick look.  Enter a Zone name if you are going to have different zones (unless you have different sites on a WAN with citrix servers at each, you won’t.  On online plug-in enter your server name you will use for the web interface if you know it.  On Remote Desktop Users the default settings might not be right for a live farm.  Anonymous Users is obviously not very secure – Authenticated Users (i.e. anyone who has a valid domain username and password) might be a better choice.  Users should include Domain Users which will generally have the same effect.

image

Click Apply to create the farm.  Should take about 5 minutes.  Close the wizard when it completes and manually reboot.

image

After reboot and login.

If you are not going to use the Single Sign-On feature of XenApp (note: this is different from clients using passthrough authentication and is only included in Platinum version by default), remote the admin tools for it or it will keep prompting you for information.  Go to Control Panel, Uninstall a program, and remove “Citrix Single Sign-On Console” by selecting Change and Remove:

image

Check you can load the Delivery Services Console (DSC)... 

image

In the discovery mode, add the local computer and complete the process to be able to see your farm.  You should see the new server as the only member of the farm:

image

Your server is almost certainly NOT ready to host apps!  This is because licensing is not sorted out.  You can publish apps using the DSC but they would not launch.  You can confirm this by launching CMD as Administrator and typing “query farm /load”.  If this lists 20000 next to your server, it is not licensed properly. 

image

So the next steps are:

  • Establish a license server
  • Configure license server details in Policies in the DSC
  • Run gpupdate on your server to take the new policies

And we should then be ready to install the web interface and use the farm!

Fonte: http://zenapp.blogspot.com/2010/04/installing-xenapp-6-part-2-establishing.html

Unattended\Scripted Installation of XenApp 6

I imagine that Citrix will tell you that you don’t need to do unattended or scripted installations, just buy Provisioning Server!  But back in the real world you’re likely to be installing XenApp 6 on hundreds of servers in even a medium sized farm and unattended scripts are the way forward.

In this I am making the assumption that you already have an established XenApp 6 farm and you are just joining servers to it, though its only the “XenAppConfigConsole.exe” step below that would need to be changed to create the farm instead, assuming you also created the SQL database manually.  This is also quite a simple farm with everything in the same Zone, but you get the idea.  I’m also making the assumption you have a Data Store database already created on a full SQL Server which you know the details for and that you have a working license server.

Citrix have changed the way that scripted installations work since XenApp 5 incidentally, so you can forget MSTs and mps.msi, its all different now!

Finally, you’ll have to decide how you are going to actually copy the files and run the commands listed here – I used Altiris, which worked fine.  I’m sure you have your own ways and means.  If you are installing the XenApp Server steps manually by logging onto the server’s desktop, don’t use Terminal Services.  I haven’t actually tried this over a TS session but it didn’t work in XenApp 5 and I doubt its changed.

  1. Install Windows Server 2008 R2 on a server.  Join it to the domain, install anti-virus (if that’s your thing), sort the networking, etc.  I’m assuming here you’ve turned off UAC which might not be a great idea but make the instructions more simple. 
  2. The command to turn off the Windows Firewall (should you be doing this – if not, you’re going to have to open ports) is:
    netsh advfirewall set allprofiles state off
    image
  3. Add the required server roles.  These are the GPMC (required to support the admin tool – this might not be needed on servers without the admin tools) and Remote Desktop Services.  Other roles required will be added automatically.  To do this execute the following commands, which will grumble about servermanagercmd being deprecated but will work fine:
    servermanagercmd -install GPMC –restart
    servermanagercmd -install AS-NET-Framework –restart
    servermanagercmd -install RDS-RD-Server –restart
    The last command will cause a reboot.
    image
  4. Install a XenApp client.  I installed our standard v12.0 client by downloading the full Online Plug-in, copying it to the C:\ drive of the new server and executing this command:
    c:\CitrixOnlinePluginFull.exe  /silent ADDLOCAL="ICA_Client,PN_Agent,SSON" SERVER_LOCATION=http://xenapp/Citrix/PNAgent/config.xml ENABLE_SSON="Yes" ENABLE_DYNAMIC_CLIENT_NAME="Yes" ENABLE_KERBEROS="No"
    The precise options will depend on your environment. 
  5. Copy the XenApp 6 DVD to your server or make it available on your network.  In this I copied the extracted ISO to c:\XA6_2008R2_ML\
  6. Execute the command to install an unconfigured XenApp 6 installation by using the XenAppSetupConsole.exe from the DVD.  This is a valid string which will install just XenApp (not web interface, licensing server, etc, etc) but exclude the administration tools, which are included with XenApp by default.  Miss the /exclude option out if you want the admin tools on this server. Set your product edition as well - my edition is Enterprise.  This example logs to the root of the C: drive too.  For a full list of switches for this part, see thishttp://support.citrix.com/proddocs/index.jsp?topic=/xenapp6-w2k8-install/ps-install-command-line.html:
    "c:\XA6_2008R2_ML\XenApp Server Setup\bin\XenAppSetupConsole.exe" /install:XenApp /exclude:XA_Console /Enterprise /logfile:c:\ctxsetup.log
    This is silent – if you are logged on you should see things happening in Task Manager such as msiexec.exe and XenAppSetupConsole.exe itself
    image
    EDIT 19 July 2010 - I originally posted this command wrong.  I gave the edition switch as “/edition:Enterprise” for an Enterprise farm.  Actually I misread the instructions, it should be /Enterprise for an Enterprise farm or /Advanced for an advanced farm.  Any other setting will give you the default of Platinum.  I’ve corrected the line above and the screenshot. 
  7. Once the command above completes, reboot your server to complete installation.  If you are scripting this in a batch file, use this as the next command:
    shutdown –r –t 0
  8. Copy or create a DSN file for your data store as c:\sql.dsn.  This doesn’t need the password of the SQL user you’re connecting with but will need everything else.  If you don’t know what you’re doing with this, its a text file which you can create manually – this is an example, obviously replace the values for DATABASE, UID and SERVER with your real values:
    image
  9. You now have an unconfigured XenApp 6 installation and must configure it with the XenAppConfigConsole.exe tool from the DVD.  Again, tailor the command to your own environment, especially the farm name, SQL Server username and password and the name of your License server.  It should take a couple of seconds and end with Exit Code: Successful.  Note the “/ExecutionMode:Join” part – this could be changed to create the farm.
    "c:\XA6_2008R2_ML\XenApp Server Configuration Tool\XenAppConfigConsole.exe" /ExecutionMode:Join /FarmName:"XenApp 6 Farm" /LicenseServerName:licenseServerName.domain.local /LicenseServerPort:27000 /ZoneName:"Default Zone" /AddUsersGroupToRemoteDesktopUserGroup:True /AuthenticationType:sql /DsnFile:c:\sql.dsn /OdbcUsername:sqlusername /odbcPassword:sqlpassword /log:c:\joinfarm%1.log
    image
  10. Reboot to complete the operation – it will not appear in your list of servers in the XenApp DSC admin tools until you do this.
  11. If you are using the User Profile Manager you will need to install this too.  Download the latest MSI and copy to the C: drive:
    msiexec /i c:\profilemgt3.1.1_x64.msi /qn
  12. One last possible change – if you are streaming applications that use Services (Office 2010 being the obvious example) and you don’t sign your profiles, you will need to run this to add a registry key to allow the service to start.  Replace “fileserver” with the name of the file server that stores your profiles.  This can be multiple entries separated by semicolons.
    REG ADD "HKLM\SOFTWARE\Citrix\Rade" /v AppHubWhiteList /t REG_SZ /d fileserver

You should now see the new server in the DSC and be able to publish applications to it.  Obviously these instructions have not been a fully unattended installation as such but providing you have a system such as Altiris to copy files and execute commands remotely they should be enough for you to build such a process.

Fonte: http://zenapp.blogspot.com/2010/07/unattended-installation-of-xenapp-6.html

Installing XenApp 6 – Part 1 – Manually installing

 

Most XenApp servers will be installed by unattend scripts and images of course, but we have to start somewhere – and this is a quick guide to the slightly picky process to installing XenApp 6 manually.

Just as a note – I would really consider doing step 3 first, so you can fill in the details of a license server when prompted to join the farm in the second stage.  It’ll reduce your chances of ending up with an unlicensed server…

  • Install Windows 2008 R2, with .NET 3.5 sp1 (no, it won’t install on Windows Server 2008 “R1”)
  • Logon to the server again but NOT USING REMOTE DESKTOP!  Use VNC, use ILO, plug a monitor in, use VMware/XenServer/ tools if its virtual - just don’t use Terminal Services.  It won’t work.
  • Extract the XenApp 6 ISO to a folder on the network with 7zip.  Or burn it to a DVD if you must
  • Run autorun.exe (as administrator)
  • Click Install XenApp Server

clip_image002

  • Click Add Server Roles

clip_image004

  • Select your XenApp edition.  In my case, its Enterprise.

clip_image006

  • Choose your server roles.  You will need at least a license server as well, but if you have a spare machine (a virtual is fine) its a good role to have a dedicated server for.  Remember it will have to be Windows Server 2008 R2 as well if its going to be serving your Terminal Services CALs.

clip_image008

  • Choose your server roles.  XenApp Server is the only required one for your first server, but the XenApp Management role might be a good idea for one of your servers so you can host the app on the farm.  You can also install the XenApp Management tools to your PC, which is a good idea for when there’s a problem with your farm that stops you launching apps!  I’ve also selected the EdgeSight Agent as well since I’m planning to deploy an EdgeSight server later on.

clip_image010

clip_image012

  • That’s a lot of Visual C++ Redistributables.  No Java pre-req though, thank God.  Click Install to carry on, agree to any UAC prompts and log back in after reboots as needed.  If you have not installed the Remote Desktop roles before install you’ll need to restart it manually when it tells you the restart was pending.  After reboot, run XenApp Server Role Manager to carry on.

image

clip_image014

clip_image016

clip_image018

  • After install, click Finish.  Select the Role Manager from the Start Menu if its not launched and click Configure to set up your farm.

clip_image020

Fonte: http://zenapp.blogspot.com/2010/04/installing-xenapp-6-part-1-manually.html